×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity IT Project Manager

Cyber Threat Intelligence Team Lead

Job in San Francisco, San Francisco County, California, 94199, USA
Listing for: Control Risks
Full Time position
Listed on 2026-02-28
Job specializations:
  • IT/Tech
    Cybersecurity, IT Project Manager
Salary/Wage Range or Industry Benchmark: 200000 - 250000 USD Yearly USD 200000.00 250000.00 YEAR
Job Description & How to Apply Below

Get AI‑powered advice on this job and more exclusive features.

This range is provided by Control Risks. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more.

Base pay range

$/yr - $/yr

The Cyber Threat Intelligence Team Lead will play a pivotal role in building and leading a world‑class Cyber Intelligence program for a major client of Control Risks. This role will be responsible for developing the strategy, building out capabilities, and leading a team of security professionals to proactively detect, triage, and respond to cyber threats.

This position provides technical direction and administrative oversight on all cybersecurity matters, ensuring the protection of the client’s systems, networks, and data. The manager supports a strong first‑line ownership model by partnering with technology and business stakeholders to embed security into planning, development, and operational activities.

Responsibilities
  • Working closely with client stakeholders, build, manage, and scale a Cyber Threat Intelligence Team from the ground up.
  • Lead on developing standard operating procedures for threat intelligence activities, taking into account specific client activities and stakeholders, such as tooling, reporting lines, and out‑of‑hours incidents.
  • Lead on managing the most severe and critical cyber security incidents, including supporting incident responders with reporting, updates and investigations to aid incident response and crisis management in a timely, accurate, and professional manner.
  • Train and mentor threat intelligence analysts, engineers, and threat hunters.
  • Establish operational processes, escalation paths, and playbooks.
  • Oversee the triage of cyber events, ensuring rapid identification, investigation, and remediation.
  • Manage incident response activities, coordinating across IT, Legal, Risk, and other stakeholders.
  • Develop metrics, KPIs, and reporting to measure SOC effectiveness.
  • Lead proactive threat‑hunting operations to identify potential compromises and undetected malicious activity.
  • Integrate threat intelligence into SOC workflows and leverage intelligence to inform response and prevention strategies.
  • Evaluate and optimise the client’s technology stack (SIEM, SOAR, EDR, threat intelligence platforms, etc.).
  • Drive continuous improvement of detection rules, automation, and response capabilities.
  • Recommend emerging tools and processes to enhance maturity.
  • Conduct regular check‑ins, provide coaching and feedback, manage performance reviews and improvement plans, and support career development with team members.
  • Serve as the main liaison between team members and ECS program management team, ensuring timely program and personnel updates and controlling quality on client deliverables.
  • With the support of the Talent Acquisition team, participate in hiring processes ensuring team resourcing aligns with client expectations and program needs.
  • Lead onboarding tasks (e.g., joiner tickets, scheduling, equipment, success plans), manage off‑boarding logistics and leaver tickets, and ensure operational continuity.
  • Manage team schedules, approve PTO, ensure timesheet compliance, and maintain a consistent high‑quality service to the client.
  • Working closely with the ECS program management team, align on overall program strategy and priorities to create clear, actionable team deliverables.
Requirements
  • 10‑12 years of experience in cybersecurity, cyber threat intelligence, or cyber security operations.
  • Leadership experience in a threat intelligence environment a plus.
  • Ability to distil highly technical information into more business‑centric, risk‑oriented language for presentation to senior leadership.
  • Experience with Splunk (or other event monitoring capability), Crowd Strike, Recorded Future, MS Sentinel, Sentinel One, OpenCTI, MISP, Proofpoint.
  • Deep knowledge of incident response, digital forensics, malware analysis, and threat intelligence.
  • Hands‑on experience with SOC technologies such as SIEM, SOAR, EDR, IDS/IPS, and log management tools.
  • Strong understanding of MITRE ATT&CK framework, NIST Cybersecurity Framework, and industry best practices.
  • Excellent leadership, communication, and…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search